﻿<?php
session_start();
?>
<?php	
	if(isset($_POST["submit"])){		
			if(!$u=$_POST["username"]){
				echo "Please enter username<br/>";
			}
			if(!$p=$_POST["pass"]){
				echo "Please enter password<br/>";
			}			
			if($u && $p){
				$u=mysql_real_escape_string($u);
				$p=mysql_real_escape_string($p);
				$con=mysql_connect("sql307.freevnn.com",'freev_11941239','khoaluan');
				mysql_select_db("freev_11941239_kfc",$con);
				//mysql_set_charset('utf8',$con);				
				$mysql="select * from user where username= '$u' and password=md5('$p')";				
				$query=mysql_query($mysql);
				$data=mysql_fetch_assoc($query);
				if(!mysql_num_rows($query)){
					echo "Wrong username or password";
				}else{							
					$_SESSION['ses_userid']=$data['uid'];
					$_SESSION['ses_usename']=$data['username'];
					$_SESSION['ses_level']=$data['level'];
					$level=$data['level'];					
					if($level==2){
						header("location:admin/index.php?page=menu_list");
						exit();
					}else if($level==1){
							header("location:kfcuser/index.php");
							exit();
					}else if($level==4){
						 	header("location:kfccheft/index.php");
						 	exit();
					}					
				}						
			}				
	}
?>
<html>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" charset="utf-8"/>
<head>
<title>Login</title>
</head>
<body>
<table align="center">
	<tr>
		<td>
			<form name="f" method="post">
			<fieldset>
			<legend>Đang nhập</legend>
			<table>	
				<tr>
					<td><b>Username:</b></td>
					<td><input type="text" name="username" size="25"/><td>
				</tr>
				<tr>
					<td><b>Password:</b></td>
					<td><input type="password" name="pass" size="25"/></td>
				</tr>
				<tr>
					<td></td>
					<td><input type="submit" name="submit" value="Login"/></td>
				</tr>
			</table>
			</fieldset>
			</form>
		</td>
	</tr>
</table>
</body>
</html>